Overview
Package monitor provides security monitoring commands.
Commands:
- monitor: Aggregate security findings from GitHub Security Tab, workflow artifacts, and PR comments
Data sources (all free tier):
- Code scanning: Semgrep, Trivy, Gitleaks, OSV-Scanner, Checkov, CodeQL
- Dependabot: Dependency vulnerability alerts
- Secret scanning: Exposed secrets/credentials
Index
Constants
This section is empty.
Variables
This section is empty.
Functions
func AddMonitorCommands
AddMonitorCommands registers the 'monitor' command.
Types
type CodeScanningAlert
type CodeScanningAlert struct {
    Number int    `json:"number"`
    State  string `json:"state"` // open, dismissed, fixed
    Rule   struct {
        ID          string `json:"id"`
        Severity    string `json:"severity"` // none, note, warning, error (the SARIF level; GitHub's CVSS-style security_severity_level is a separate field not carried here)
        Description string `json:"description"`
    } `json:"rule"`
    Tool struct {
        Name string `json:"name"`
    } `json:"tool"`
    MostRecentInstance struct {
        Location struct {
            Path      string `json:"path"`
            StartLine int    `json:"start_line"`
        } `json:"location"`
        Message struct {
            Text string `json:"text"`
        } `json:"message"`
    } `json:"most_recent_instance"`
    HTMLURL   string `json:"html_url"`
    CreatedAt string `json:"created_at"`
}
CodeScanningAlert represents a GitHub code scanning alert.
type DependabotAlert
type DependabotAlert struct {
    Number                int    `json:"number"`
    State                 string `json:"state"` // open, dismissed, fixed
    SecurityVulnerability struct {
        Severity string `json:"severity"` // low, medium, high, critical
        Package  struct {
            Name      string `json:"name"`
            Ecosystem string `json:"ecosystem"`
        } `json:"package"`
    } `json:"security_vulnerability"`
    SecurityAdvisory struct {
        CVEID       string `json:"cve_id"` // empty when the advisory has no CVE (null in the API)
        Summary     string `json:"summary"`
        Description string `json:"description"`
    } `json:"security_advisory"`
    Dependency struct {
        ManifestPath string `json:"manifest_path"`
    } `json:"dependency"`
    HTMLURL   string `json:"html_url"`
    CreatedAt string `json:"created_at"`
}
DependabotAlert represents a GitHub Dependabot alert.
type Finding
type Finding struct {
    Source    string   `json:"source"`                     // semgrep, trivy, dependabot, secret-scanning, etc.
    Severity  string   `json:"severity"`                   // critical, high, medium, low
    Rule      string   `json:"rule"`                       // Rule ID or CVE
    File      string   `json:"file"`                       // Affected file path
    Line      int      `json:"line"`                       // Line number (0 if N/A)
    Message   string   `json:"message"`                    // Description
    URL       string   `json:"url"`                        // Link to finding
    State     string   `json:"state"`                      // open, dismissed, fixed
    RepoName  string   `json:"repo"`                       // Repository name
    CreatedAt string   `json:"created_at"`                 // When found
    Labels    []string `json:"suggested_labels,omitempty"` // Suggested labels (omitted when empty)
}
Finding represents a security finding from any source.
type SecretScanningAlert
type SecretScanningAlert struct {
    Number       int    `json:"number"`
    State        string `json:"state"` // open, resolved
    SecretType   string `json:"secret_type"`
    Secret       string `json:"secret"` // Partial, redacted
    HTMLURL      string `json:"html_url"`
    LocationType string `json:"location_type"`
    CreatedAt    string `json:"created_at"`
}
SecretScanningAlert represents a GitHub secret scanning alert.
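The three alert types above use different severity vocabularies, and Finding flattens them onto one scale (critical, high, medium, low). The example below, added here and not part of the monitor package, shows one way to do that conversion and the two traps in it: a code scanning alert's rule.severity is a SARIF level (error/warning/note), so the CVSS-style security_severity_level must be preferred when present, and a Dependabot advisory's cve_id is null when no CVE has been assigned. The trimmed alert types, the added SecuritySeverityLevel and GHSAID fields (both returned by the GitHub API but absent from the package's types), the NormalizeSeverity mapping, and the sample payloads are all assumptions of this example; the payloads are constructed, not real alerts.

```go
package main

import (
	"encoding/json"
	"errors"
	"strings"
)

// Trimmed copies of the monitor package's alert types. SecuritySeverityLevel and GHSAID are
// added for this example: the GitHub API returns both, the package's types omit them.
type codeScanningAlert struct {
	Rule struct {
		ID                    string `json:"id"`
		Severity              string `json:"severity"`                // SARIF level: none, note, warning, error
		SecuritySeverityLevel string `json:"security_severity_level"` // low, medium, high, critical; may be absent
	} `json:"rule"`
	Tool               struct{ Name string `json:"name"` } `json:"tool"`
	MostRecentInstance struct {
		Location struct{ Path string `json:"path"`; StartLine int `json:"start_line"` } `json:"location"`
	} `json:"most_recent_instance"`
}

type dependabotAlert struct {
	SecurityVulnerability struct{ Severity string `json:"severity"` }                            `json:"security_vulnerability"` // low..critical
	SecurityAdvisory      struct{ CVEID string `json:"cve_id"`; GHSAID string `json:"ghsa_id"` } `json:"security_advisory"`      // cve_id is null without a CVE
	Dependency            struct{ ManifestPath string `json:"manifest_path"` }                  `json:"dependency"`
}

// Finding is a trimmed copy of the package's normalized record.
type Finding struct {
	Source, Severity, Rule, File string
	Line                         int // 0 when not applicable
}

// NormalizeSeverity maps GitHub's two severity vocabularies onto the Finding scale. The CVSS-style
// level wins; the SARIF level is only a fallback, since "error" alone does not say how severe a rule is.
func NormalizeSeverity(securityLevel, sarifLevel string) string {
	switch s := strings.ToLower(securityLevel); s {
	case "critical", "high", "medium", "low":
		return s
	}
	switch strings.ToLower(sarifLevel) {
	case "error":
		return "high"
	case "warning":
		return "medium"
	default: // note, none, or missing
		return "low"
	}
}

// FromCodeScanning flattens a code scanning alert; Source is the lower-cased tool name.
func FromCodeScanning(a codeScanningAlert) Finding {
	return Finding{
		Source:   strings.ToLower(a.Tool.Name),
		Severity: NormalizeSeverity(a.Rule.SecuritySeverityLevel, a.Rule.Severity),
		Rule:     a.Rule.ID,
		File:     a.MostRecentInstance.Location.Path,
		Line:     a.MostRecentInstance.Location.StartLine,
	}
}

// FromDependabot flattens a Dependabot alert. Rule is the CVE, or the GHSA ID when no CVE is
// assigned; Line stays 0 because a manifest entry has no finding line.
func FromDependabot(a dependabotAlert) Finding {
	rule := a.SecurityAdvisory.CVEID
	if rule == "" {
		rule = a.SecurityAdvisory.GHSAID
	}
	return Finding{
		Source:   "dependabot",
		Severity: NormalizeSeverity(a.SecurityVulnerability.Severity, ""),
		Rule:     rule,
		File:     a.Dependency.ManifestPath,
	}
}

// Constructed sample payloads in the shape of the GitHub REST API; not real alerts.
const sampleCodeScanning = `{"tool":{"name":"CodeQL"},
 "rule":{"id":"go/sql-injection","severity":"error","security_severity_level":"high"},
 "most_recent_instance":{"location":{"path":"internal/db/query.go","start_line":42}}}`
const sampleDependabot = `{"security_vulnerability":{"severity":"critical"},
 "security_advisory":{"cve_id":null,"ghsa_id":"GHSA-xxxx-xxxx-xxxx"},"dependency":{"manifest_path":"go.mod"}}`

// ParseSamples decodes both payloads and returns them as normalized findings.
func ParseSamples() ([]Finding, error) {
	var cs codeScanningAlert
	var da dependabotAlert
	if err := errors.Join(json.Unmarshal([]byte(sampleCodeScanning), &cs), json.Unmarshal([]byte(sampleDependabot), &da)); err != nil {
		return nil, err
	}
	return []Finding{FromCodeScanning(cs), FromDependabot(da)}, nil
}
```

Run it with `go test` (it is written as a package main without a main function so a test file can call ParseSamples directly). The code scanning sample normalizes to a "high" finding because security_severity_level is present; had it been absent, the SARIF "error" would have been mapped to "high" as a conservative guess, which is why a triage pipeline should treat SARIF-derived severities as lower confidence than CVSS-derived ones.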